A user is generally able to use a service continuously while roaming across networks. When a user moves from a location being serviced by a current network to a location being serviced by a target network, a handoff may be performed, for example, at the access layer. When the handoff is performed, the user may need to be authenticated to the target network servicing the location into which the user is moving. An authentication on the access layer may occur in each handoff, and the user device may use pre-provisioned credentials for accessing the target network at the access layer.
The user's communication device may communicate using layered communication mechanisms. In many cases, the different layers of communication each require their own security. Handoffs may occur between one node in a layered network to another node. While techniques may exist to realize such handoffs, the communications may require a break of the currently used security associations or mechanisms.
According to one example, access-layer handoffs may cause such a break in the currently used security mechanisms by using an additional security establishment when a handoff takes place at the access-layer to another network. For example, the additional security establishment may include another session of authentication and/or security key agreement each time a handoff takes place at the access-layer. As access-layer handoffs may become more frequent, establishing additional security sessions each time an access-layer handoff occurs may introduce delays and/or unnecessary over-the-air communications and/or burden on the network authentication infra-structure. This may make it difficult to realize seamless handoffs.